Path: ...!fu-berlin.de!bofh.it!news.nic.it!robomod
From: Moritz Muehlenhoff <jmm@debian.org>
Newsgroups: linux.debian.announce.security
Subject: [SECURITY] [DSA 5371-1] chromium security update
Date: Thu, 09 Mar 2023 20:30:01 +0100
Message-ID: <G7u7D-bk9B-1@gated-at.bofh.it>
X-Mailbox-Line: From debian-security-announce-request@lists.debian.org  Thu Mar  9 19:25:47 2023
Old-Return-Path: <jmm@seger.debian.org>
X-Amavis-Spam-Status: No, score=-113.491 tagged_above=-10000 required=5.3
	tests=[BAYES_00=-2, DIGITS_LETTERS=1, DKIMWL_WL_HIGH=-0.001,
	DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	DKIM_VALID_EF=-0.1, FVGT_m_MULTI_ODD=0.02, LDO_WHITELIST=-5,
	PGPSIGNATURE=-5, RCVD_IN_DNSWL_MED=-2.3,
	USER_IN_DKIM_WELCOMELIST=-0.01, USER_IN_DKIM_WHITELIST=-100]
	autolearn=ham autolearn_force=no
Old-Dkim-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org;
	s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date
	:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description:
	In-Reply-To:References; bh=NsrOE4f4CevyZmLyuNvJN8lVMR6AN/o1vcAmPTvqu0w=; b=gK
	qn1Y0sHbKuslbDX+N+0hzfI++rNPkaD73rdcq97P+GvePPwX/nS0wYvR3KflBYiGMWfbN9Rza7Lv8
	PKf3cSR9pJRoESCQGENID5UN54YtUacezhgLTd+Ulbvqay9cABfwH9uUMWP+XAE49H1KqfypoPi6D
	TtKLyzzGGqYMTk33VjtDzydf3+XiVDKB7FozlCK56g2XYl+ick/eSFiypEdFAYUVFPbBAhlXzhGSt
	fBrlyLWbLUYCaFrixvdwy/tb5wYMN+8xCSTuCCMFUaiSIrwSQolKCc9UlOT30+ONVTsV3wqDgFqOv
	E3vPil4SsSlTwfSWOuhhdfdOgOoi7Tvg==;
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Debian: PGP check passed for security officers
Priority: urgent
Reply-To: debian-security-announce-request@lists.debian.org
X-Mailing-List: <debian-security-announce@lists.debian.org> archive/latest/4271
List-ID: <debian-security-announce.lists.debian.org>
List-URL: <http://lists.debian.org/debian-security-announce/>
List-Archive: https://lists.debian.org/msgid-search/ZAoyoaJBC+pHy+UH@seger.debian.org
Approved: robomod@news.nic.it
Lines: 51
Organization: linux.* mail to news gateway
Sender: robomod@news.nic.it
X-Original-Date: Thu, 9 Mar 2023 19:25:21 +0000
X-Original-Message-ID: <ZAoyoaJBC+pHy+UH@seger.debian.org>
Bytes: 4744

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5371-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
March 09, 2023                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : chromium
CVE ID         : CVE-2023-1213 CVE-2023-1214 CVE-2023-1215 CVE-2023-1216 
                 CVE-2023-1217 CVE-2023-1218 CVE-2023-1219 CVE-2023-1220 
                 CVE-2023-1221 CVE-2023-1222 CVE-2023-1223 CVE-2023-1224 
                 CVE-2023-1225 CVE-2023-1226 CVE-2023-1227 CVE-2023-1228 
                 CVE-2023-1229 CVE-2023-1230 CVE-2023-1231 CVE-2023-1232 
                 CVE-2023-1233 CVE-2023-1234 CVE-2023-1235 CVE-2023-1236

Multiple security issues were discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure.

For the stable distribution (bullseye), these problems have been fixed in
version 111.0.5563.64-1~deb11u1.

We recommend that you upgrade your chromium packages.

For the detailed security status of chromium please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/chromium

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmQKMPAACgkQEMKTtsN8
TjYhlg/8CfPNklE4eO+wy0otR3hUK3XNeXJqOKSUFybRmZ9223lANRVwBHHTudqh
1Xi/PxnSDVHNH2hqVQZQwnIiTVPXedT8fgS50eoR0RfJjDSy79rL+oLNXbqb8F3/
jY07r1McfUUIjVzg8H/jSVN0fKQG0z53RSx9eX8jITb4r4N1Wy8DQ0XzVGFTxzuR
ao3e7kM/TW8Z/hsHSrLTJiMnqha15GGn9d8IOK5ecqEgWNIOeeDM0WQGoITuIgYq
GqEufHOhgEDbaty6kMzYWPqeVFq/7jkTwBiMTSi6Grjwb+2KroMJPQhg5jkfslpL
bXAom3Sr3lArp88cNR0g8p41G7MjbP1fq5STUxT056zKFGO+cySaxhn4ryMfcPFx
dKqXSHxDSpPjLz1qFTPZovU+x0O6HIazoa4MupAhIxlLvkcdYC2/35DrCr6098HR
X+v8psjeczukkBBzA8eIQGH07f2jWwXxSlLoNr4ClePnsk6YLvZTg0ua/snF/x5i
NmDs2tQkhHKCkLzsu1L0uyImBuiIihBNLasNUpIinjf4iLOtSrl+vsSzOipvIwaW
FL5LYoOPao4n+zBGjOQwUceQ9SJsB1hljk8YUfvgbotzwup5YCqRF6FwAXvlR9kh
Eo/izaErx3FvokrfaifufKAeOrSn+AP9LsHrm2fkuCBNXqz3Z1c=
=gwSp
-----END PGP SIGNATURE-----